In an odd set of events privacy-centric VPN provider AirVPN has lost access to their Ukrainian VPN servers.
At the end of October the data centre used by AirVPN to host their VPN servers was raided by the Ukranian security services in an apparent scam to extract money from the data centre owners.
It is reported that the security forces removed servers and have since demanded money for their return. Reports from the data centre UrDN suggest that the action was carried out under the guise of searching for malware distribution but was indeed a ruse to demand money from UrDN.
AirVPN rents the servers from UrDN but are keen to stress that no sensitive data was stored on the servers and as such no customer information or details are at risk.
Servers illegally stolen UrDN claims
UrDN posted a message on their website dated 29th October which explained the situation but also went further to state that not only were their own servers stolen but those that belong to other companies that are hosted in the centre.
UrDN claims that the security services known as the SBU ensured that they were unable to contact lawyers or have any legal assistance while the raid was taking place.
UrDN posted an update on their now defunct website on the 13th November 2015 stating that they are now aware of a loophole that the SBU security services used to carry out the raid and are in the process of attempting to recover the stolen hardware.
On a separate forum Lowendtalk a user named UrDNbkp claiming to be a representative of UrDN confirmed that they were aware of 15 other organisations in Ukraine that suffered a similar fate and reiterated they are attempting to recover the lost servers. Although they say that due to finances the future of the organisation is now in doubt.
Government corruption or something more?
In their earlier post from October, UrDN point the finger at government corruption and claim that as they sponsor mainly non-profit organisations that they have limited funds. With a large VPN provider like AirVPN renting servers from them and no doubt other companies one has to wonder if funds have been misspent or if indeed like claimed the alleged SBU raid took place.
Speaking to AirVPN, they claim their business has not been affected and the Ukrainian location was merely a bonus as they operate in many different countries which are available to their customer base.
Regardless of the goings on at UrDN the alleged raid raises a serious issue about VPN server locations in countries that have corrupt authorities. While AirVPN claims there is no risk to user information and privacy the fact this situation could occur is troubling not least to the smooth operation of a VPN service.
Many users rely on servers in far flung locations due to their somewhat relaxed laws on issues such as copyright but with those relaxed laws comes the issue of other relaxed laws such as corruption.
With parts of Ukraine being politically unstable at the moment and it being a regular destination for VPN server locations it begs the question of if other providers will fall foul of the same situation in other data centres across Ukraine.
Image courtesy of Serge Bertasius Photography at FreeDigitalPhotos.net